
Developer sentenced to 4 years in prison for creating a “kill switch” in his former employer’s systems

55-year-old Davis Lu received four years in prison for sabotaging his former employer’s Windows network. Lu carried out his revenge using custom malware and a special “kill switch” that locked out all employees after his account was disabled.

As the U.S. Department of Justice reports, Lu, a Chinese national lawfully residing in Houston, worked at Ohio-based Eaton Corporation from 2007 until his termination in 2019. After a corporate reorganization and subsequent demotion in 2018, Lu realized that his termination was inevitable and decided to take revenge on his employer by implanting malicious code into the Windows environment of the manufacturing systems.

The malicious code used “infinite loops” that overloaded servers, deleted coworkers’ profile files, blocked legitimate logins, and caused system outages. In addition, Lu created a software “kill switch” called IsDLEnabledinAD (short for “Is Davis Lu enabled in Active Directory”), which automatically blocked all users if the developer’s account was disabled in Active Directory.

On September 9, 2019, Lu was finally fired, after which his account was disabled. This triggered the “kill switch,” which locked out thousands of the company’s employees around the world.

“The defendant betrayed his employer’s trust by using his access and technical expertise to sabotage corporate networks, creating chaos and causing the company losses amounting to hundreds of thousands of dollars,” the Prosecutor General’s Office commented.

When Lu was asked to return the corporate laptop, he allegedly deleted encrypted data from the device. However, investigators later found search queries on the device indicating that Lu had been researching privilege escalation, process hiding, and ways to quickly delete files.

In March of this year, Lu was found guilty of intentionally causing damage to protected computers. The prosecution emphasized that, in addition to sabotaging his former employer’s network, Lu attempted to cover his tracks, hoping his technical knowledge would help him avoid punishment.

Lu has now been sentenced to four years in prison, and after serving his term the former developer will be required to remain under government supervision for another three years.
